Hi everyone, I was searching for a way to remove a specific value from a list on a pod through a patch, specifically on the SecurityContext.Capabilities attribute. At first I came across the json patch remove limitation which requires an index but after some more digging I found the $deleteFromPrimitiveList directive used in the strategic patch type. Thing is this directive is not documented anywhere under the official documentation and only has a couple of hits in forums and the source code itself. This is what I ended up with which is working for me:
patch.yaml:
spec:
template:
spec:
containers:
- name: test
securityContext:
capabilities:
$deleteFromPrimitiveList/add: [“SYS_RAWIO”]
patch command:
kubectl patch deployment test --patch=“$(cat patch.json)”
My question is, should I use this, is this officially supported? If so, is there a needed minimum cluster version?
and is there a reason its not documented anywhere?
Thanks